Research on internal network data security monitoring method based on NB-IoT

Abstract

In order to overcome the problems of poor data classification accuracy and effectiveness of traditional data monitoring methods, this paper designs a data security monitoring method based on narrow-band Internet of things. Firstly, the model of network data acquisition and sensor node’s optimal configuration is established to collect intranet data. Based on the analysis of data characteristics, dynamic intranet data analysis indexes are designed from three aspects: establishing security incident quantity index, establishing address entropy index and data diversion. According to the above-mentioned narrow-band data aggregation rate, the security index of the Internet of things is calculated to realize the security of monitoring data. The experimental results show that: whether the network attack exists or not, the accuracy rate of the method is always higher than 90%, the classification time is less than 4 s, and the energy consumption of monitoring process is always less than 150 J, which fully proves that the method achieves the design expectation.

Keywords

Narrow-band Internet of things intranet data security monitoring analysis index address entropy abnormal data screening

1. Introduction

With the rapid development of Internet technology, the application scope of network is expanding. As a means of network access, intranet has become one of the emerging development directions of the combination of wireless communication and Internet technology with its advantages of free frequency band, flexible networking and easy migration [4]. The requirement of real-time and security of data transmission in intranet is very high, so it is necessary to design a data monitoring method to reduce data redundancy, continuously mine useful data information and ensure the security of intranet.

In fact, it is difficult to monitor all data comprehensively and systematically [11]. Therefore, only a certain period of network data can be used as monitoring samples, and the security monitoring of intranet data can be realized by the way similar to sampling monitoring.

At present, many scholars have carried out research on intranet data security monitoring. In reference [17], a network data security monitoring method based on feature transformation algorithm is designed. This method mainly classifies whether the data is abnormal or not into two classification problems, takes the logical regression algorithm as the data classification algorithm, and combines the data high-order features extracted by convolutional neural network to monitor the security of intranet data. However, this method is easy to produce errors when extracting high-order features of data, which leads to low monitoring accuracy. In reference [15], a security entity monitoring method of large-scale network data based on Hadoop is designed. this method combines Hadoop to build network security knowledge map, and proposes an improved conditional random field algorithm to effectively segment the intranet data set, so as to realize the efficient and accurate identification of data security entities. Although the monitoring effect has been achieved to a certain extent, there is a problem of poor timeliness in the segmentation of Intranet data sets. In reference [9], an intelligent monitoring method of intranet information security based on the basic Internet of things is designed. In this method, CC2530 chip is used, wireless communication technology is used to conduct unified aggregation processing for intranet data nodes, and terminal sensing technology is added to realize the security intelligent monitoring of intranet information in the presence of signal interference through threshold segmentation. Although the application effect of this method is good, the energy consumption of the application process is large, which is not conducive to sustainable development.

Narrow-band Internet of things is an important branch of Internet technology. It is established on the basis of cellular network. It can be directly deployed in the intranet with only about 180 kHz bandwidth consumed per month, which can reduce the deployment cost and realize smooth upgrading. Therefore, in view of the shortcomings of traditional data monitoring methods, this paper designs a new data security monitoring method based on narrow-band Internet of things. The idea of the article is as follows:

Model of network data acquisition and sensor node optimization is established to collect the Intranet data quickly and accurately, and improve the accuracy of data partitioning in the Intranet fundamentally. Then, the index of dynamic Intranet data analysis is designed from three perspectives: the number of security incidents, the address entropy and the data distribution;

A digital model is established by using the narrow-band Internet of Things. Taking advantage of the advantages of low energy consumption and fast transmission speed of the narrow-band Internet of Things, low energy consumption safety monitoring of the Intranet data is realized through the process of data dimension-reduction, fuzzy aggregation calculation rate of data features and abnormal data screening, so as to reduce the energy consumption and improve the timeliness of the monitoring process;

Taking the accuracy of data classification, the time cost of the classification process and the energy consumption of the monitoring process as the experimental test indexes, the simulation experiment verifies that the above monitoring methods have the application advantages of high data classification accuracy, less time consumption of the classification process and low energy consumption of the monitoring process.

2. Design of intranet data security monitoring

2.1. Intranet data acquisition

In this section, a digital model is established by using the narrow-band Internet of Things. Taking advantage of the advantages of low energy consumption and fast transmission speed of the narrow-band Internet of Things, low energy consumption safety monitoring of the Intranet data is realized through the process of data dimension-reduction, fuzzy aggregation calculation rate of data features and abnormal data screening, so as to reduce the energy consumption and improve the timeliness of the monitoring process.

Before security monitoring of Intranet data, accurate collection of Intranet data is required. Rapid and accurate data collection can improve the accuracy of data classification, and the effective classification process is time-consuming. Therefore, the model of network data acquisition and sensor node optimal configuration is established. According to the information characteristics of the network data structure in the Internet of things environment, assuming that the link distribution data set to be collected in the network under the distributed Internet of things environment is $X = {x_{1}, x_{2}, \dots, x_{n}}$ , then the data acquisition output expression is: $\begin{matrix} (1) & G = [x_{1} (t_{0}), x_{2} (t_{0} + Δ t), \dots, x_{n} (t_{0} + (K - 1) Δ t)] \end{matrix}$ In formula (1), $x (t_{0})$ and $x (t_{0} + Δ t)$ represent the time series of data collection, and t represents the sampling time. According to the data acquisition and output results, the gain control model of node aggregation link in the Intranet environment is established. By optimizing the node energy-saving allocation calculation, the location of the measured point is defined, and the correlation of node convergence link is expressed as follows: $\begin{matrix} (2) & E_{x_{p}, x_{q}} = \frac{ρ (x_{p} + x_{q}) t}{G} \end{matrix}$ In formula (2), ρ represents the energy coefficient between two nodes in the Internet of things environment, $x_{p} \in X$ and $x_{q} \in X$ . Considering the correlation of node aggregation links, the system objective function of spatial constraints of data nodes in the Intranet is defined by using the clustering-link balanced configuration method as follows: $\begin{matrix} (3) & f = \frac{γ_{i} \times E_{x_{p}, x_{q}} \times η}{G t} \end{matrix}$ In formula (3), $γ_{i}$ represents the initial energy consumption of the cluster head node of the intranet data link, and η represents the balanced initial configuration of the network channel bandwidth. On this basis, the minimum variance estimation method is used to fuse the data in the intranet. The variance reflects the variance change of sample data around the average value. The smaller the variance is, the closer the data is to the average value, and the smaller the deviation is. The larger the variance is, the farther away the data is from the average, and the greater the difference is [14]. Therefore, the adaptive iterative model of intranet data fusion is as follows: $\begin{matrix} (4) & μ_{1} (k) = \frac{(1 - β) e}{σ_{x_{n}}^{2} (k) f} \end{matrix}$ In formula (4), $σ_{x_{n}}^{2} (k)$ represents the spatial time-domain focused beam of data $x_{n}$ after the k-th iteration, k represents the bit sequence flow of network data in the Internet of things environment, and e represents the variance of sample data around the average value. The process of intranet data fusion is shown in Fig. 1.

Fig. 1.

Internal network data fusion process.

On the basis of the above research, combined with the results of Intranet data fusion, the shortest path optimization method is used to establish the routing detection protocol for data collection, and its expression is shown as follows: $\begin{matrix} (5) & ω = \frac{1}{\sqrt{L_{L x} C_{x}}} \end{matrix}$ In formula (5), $L_{L x}$ represents data processing parameters and $C_{x}$ represents rectification control parameters [6, 10]. According to the centralized routing detection protocol and baud rate interval balanced configuration method, the data ratio between the sender and the receiver of the intranet data is obtained as follows: $\begin{matrix} (6) & φ = \frac{k_{1} \times l \times ω}{E_{c}} \times (1 - p_{d}) \end{matrix}$ In formula (6), $E_{c}$ represents the start-up energy consumption of data acquisition, $p_{d}$ represents the transmission power of cluster head node, and l represents the deployment spacing of wireless sensor network nodes for data acquisition. According to the data ratio between the sender and the receiver, the impulse response model of the data acquisition channel in the Intranet environment can be established, and the carrier frequency coding of the data acquisition system is designed. Under the condition of bandwidth and distance limitation, the transfer function of the data acquisition channel in the Internet of things environment is given as follows: $\begin{matrix} (7) & h (t) = \sum_{m = 1}^{M} \frac{T_{m} \times τ_{m k}}{φ} - H \end{matrix}$ In formula (7), H represents the energy loss during data acquisition, $T_{m}$ represents the propagation factor of the m-th transmission channel, and $τ_{m k}$ represents the data acquisition volume of m transmission channels. On this basis, by adjusting the equalizer parameters (weight) to improve the channel optimization ability of data acquisition in the Internet of things environment [5, 18], the effective collection of network data is realized.

2.2. Design of dynamic intranet data analysis index

2.2.1. Analysis of data characteristics

Generally speaking, intranet has the characteristics of large traffic, multi event and multi independent events, which makes the traditional data security monitoring and data analysis process very difficult. In the face of the severe challenge of large-scale network attacks on the intranet, how to establish the internal data security monitoring, situation analysis and emergency response mechanism to ensure the normal and stable operation of the Intranet has become a research hotspot in the field of information security.

Security evaluation algorithm is the core of this project. In the security monitoring of intranet data, a series of benchmark indicators reflecting the network security status need to be constructed, so as to quantify the large-scale attack events into specific indicators, and evaluate the current intranet security status. Based on a large number of log data generated by intrusion detection equipment, we can judge whether the security status of the current intranet is normal or not, which is usually judged from the following aspects:

Whether the number of events is normal. Under normal circumstances, intrusion detection equipment can detect an attack event in a few seconds. If the detection time at a certain moment suddenly increases to 1 minute, a large-scale attack may occur;

Whether the distribution of event addresses is normal. In general, the distribution of source address and target address of attack event has certain distribution rule, but the distribution state will not change obviously. For example, an attack event is detected in a certain sampling period, and the number of attacks is normal; however, if these events are sent from a certain address or targeted at a specific target, a scan or event may occur;

Whether the accident growth rate is normal. Under normal circumstances, the growth rate of each accident should not be too fast. When the growth rate exceeds a certain threshold, network anomalies may occur [2, 7, 16]. For example, in more than one continuous sampling period, the number of detected worm events increases significantly, and large-scale propagation of such worms may have occurred.

The design of security benchmark index should fully consider the above factors, and quantify large-scale attack events into easy to measure indicators, which not only reduces the pressure of security administrator log analysis, but also can timely reflect the macro security situation of the network.

2.2.2. Safety incident quantity index

The safety factor index is used to measure the number of Intranet attack events [1, 19]. According to the harm, principle and propagation mode, the attack events can be divided into three forms: backdoor vulnerability, unauthorized access and spam, and then all kinds of attack events are counted according to certain time interval. If the current is the T-th observation period, the number of different types of security events detected by intrusion detection engine in the current observation period are $p_{T}$ , $q_{T}$ and $r_{T}$ , then $p_{T}$ , $q_{T}$ and $r_{T}$ can represent the current security quantity index value.

2.3. Address entropy index

Address entropy is a concept to measure the degree of information concentration. The ordering of the internal network system will increase the degree of data concentration, and then reduce the maximum value of address entropy. On the contrary, with the chaos of the internal network system, the degree of data concentration will gradually weaken, and the address entropy will increase. The calculation process of address entropy is as follows: $\begin{matrix} (8) & H = - \sum_{i = 0}^{i} (\frac{C_{i}}{s}) {log}_{2} (\frac{C_{i}}{s}) \end{matrix}$ In formula (8), $C_{i}$ represents the number of IP address i, and s represents the number of total IP addresses in the current observation period.

In addition, the address entropy index can also be used to analyze the diffusion situation of security incidents[3, 13]. For large-scale attacks such as worms, the propagation process will cause the number of events to increase gradually. Using the security event diffusion index to quantify the growth rate of attack events, we can find the events causing large-scale proliferation in time.

Security event diffusion index is based on address entropy. Assuming that in the $T - 1$ -th observation period, the values of safety event quantity indexes are $p_{T - 1}$ , $q_{T - 1}$ and $r_{T - 1}$ respectively, and the observation period length is d, then the calculation method of security incident diffusion degree is as follows: $\begin{matrix} (9) & A = \frac{p_{T} - p_{t - 1}}{d} \end{matrix}$

2.4. Data separating

Information acquisition is the process of collecting data from intranet, which is the basis of subsequent information processing and service. One of the main contents of content-oriented intranet data security monitoring research is how to quickly and accurately obtain the required information. Therefore, this paper proposes a balanced data allocation model based on module operation, which can work in the high-speed network environment, realize the collection of intranet data, and ensure that the data belonging to the same session are diverted to the same detector. In general, intranet includes network access unit (TAP), separator, protocol recombiner and protocol content analyzer. Tap is a special access device, which is used to get packets from intranet. It can also be considered that tap is a port of shared hub in the shared network, through which data can be obtained.

Therefore, according to the segmentation algorithm, the intranet data stream is divided into segments with adjustable size, and the data in the segmentation is sent to the specified data stream protocol recovery and reconstruction device. At the same time, in order to ensure the integrity of the data output to the protocol analyzer in application layer, the reduction recombiner of data stream protocol should reduce and reorganize the data stream according to the application layer. In this process, packet filtering can protect intranet information. For example, it can remove independent packets and shield certain attacks from the internal network [12]. The content analyzer of each packet is responsible for analyzing part of the rule set. Each packet is independent of each other and does not exchange information with each other.

The process of the shunting algorithm is as follows: let the packet set of link layer received by TAP device within time t be F, then $F = (f_{0}, f_{1}, \dots, f_{t})$ . When the packet is passed to the splitter, the splitter divides F into m subsets, then there are $\begin{matrix} (10) & F^{'} = \frac{f_{t}}{m} \end{matrix}$ In formula (10), $F^{'}$ is the result of data diversion in Intranet.

3. Implementation of intranet data security monitoring based on narrow-band Internet of things

NB-IoT is an important branch of the Internet of Everything (IoT) based on cellular design. It has the advantages of low energy consumption and wide coverage. Moreover, its cellular structure makes its communication process have better connection ability than the traditional IoT. Therefore, in the dynamic design and data distribution network data analysis indicators to complete, on the basis of the digital model was established based on narrowband Internet of things, using narrowband Internet of the advantages of low energy consumption, fast transmission speed, the data dimension reduction, data characteristics of fuzzy aggregation rate, abnormal data screening process to achieve low energy consumption of network data safety monitoring.

The security process of monitoring data using NBIOT must be legal, accurate and timely[8, 20]. In the process of data security monitoring, some abnormal data are gathered in the intranet, and through the extraction of abnormal data traces, the accurate classification of normal data and abnormal data can be realized, which is the accuracy mentioned in the monitoring principles. The data security monitoring structure based on narrowband Internet of things is shown in Fig. 2.

Fig. 2.

Schematic diagram of data security monitoring structure based on narrow-band Internet of things.

For the actual monitoring process, it is necessary to obtain the feature fuzzy clustering probability of the monitoring data and abnormal trace data, and establish a digital model to describe the feature fuzzy clustering probability in detail.

Firstly, a digital model is established by using narrow-band Internet of things. The model is composed of n data to be monitored and p abnormal trace data with strong correlation, forming a $n \times p$ matrix as follows: $\begin{matrix} (11) & C_{n \times p} = [\begin{matrix} c_{11} & c_{12} & \dots & c_{1 n} \\ c_{21} & c_{22} & \dots & c_{2 n} \\ \dots & \dots & \dots & \dots \\ c_{n 1} & c_{n 2} & \dots & c_{n m} \end{matrix}] \end{matrix}$ In order to make the connection between the monitoring data and the tracking data in the process of big data network intrusion, it is necessary to simplify the calculation process and shorten the time consuming of the monitoring process. For this reason, the matrix dimension is reduced in this study. The process is as follows: $\begin{matrix} (12) & C^{'} = \frac{1}{W_{j} + P_{j}} \end{matrix}$ In formula (12), $P_{j}$ represents the network data correlation parameter and $W_{j}$ describes the weight coefficient.

Through the above process, the data related to the monitoring data can be obtained, and the irrelevant data can be cancelled to improve the monitoring quality and efficiency, and effectively reduce the monitoring process time-consuming. On this basis, the feature fuzzy aggregation rate of abnormal trace data and normal data to be detected is calculated. The expression is as follows: $\begin{matrix} (13) & Q = \frac{q (f_{k}) \times x_{n}}{q (c_{j})} \end{matrix}$ In formula (13), $q (c_{j})$ represents the feature matching probability of abnormal trace data, $q (f_{k})$ represents the matching probability description parameter between the data to be monitored and the abnormal data, and $x_{n}$ represents the data constant.

If the fuzzy aggregation rates of the two are the same, they are regarded as normal data. If the fuzzy aggregation rates of the two are different, the abnormal data are filtered according to formula (14). $\begin{matrix} (14) & y = \frac{Z_{f_{k}} \times Q}{j} \end{matrix}$ In formula (14), $Z_{f_{k}}$ represents the amount of abnormal trace data involved in intranet data, and j represents the sample size of monitoring data. According to the above process, the abnormal data monitoring of intranet data is completed.

In addition, due to the application of narrow-band Internet of things in this study, it is also necessary to analyze the security detection theory of narrow-band Internet of things

The security vulnerability of the original configuration file of narrow-band Internet of things is detected, especially the profile. Usually, the transmission process of narrow-band Internet of things will adopt the preset value, which brings a series of hidden dangers to its operation. Sometimes the profile will lead to the lack of security in the narrow-band Internet of things running environment, so we must pay attention to the security detection of the profile. In practical application, the security problems of narrow-band Internet of things can be quickly found through the detection of configuration files to ensure the safe and stable operation of narrow-band Internet of things.

Another key factor to ensure the stable operation of narrow-band Internet of things is the security of devices and command files, which are also the most vulnerable parts of hackers and Trojans. Therefore, it is necessary to use error correction detection technology to detect and protect the file content.

So far, the design of security monitoring method for intranet data based on narrow-band Internet of things is realized.

4. Experimental comparison and analysis

4.1. Experimental preparation

In order to verify the practical application performance of the security monitoring method for intranet data based on narrow-band Internet of things, the following simulation experiments are designed to verify.

The experiment is carried out on the platform of MATLAB 7, and the text data in the intranet of a company is taken as the experimental object. There are two types of normal data and abnormal data in this part of text data. The normal data accounts for about 70% of all experimental data, and the abnormal data is obtained by tampering with the keywords in the text. Other experimental parameters are shown in Table 1.

Table 1
Experimental parameters

Parameter Values

Shortest route/m 0 ∼ 2.0

Minimum energy per/M 0 ∼ 2.2

Maximum energy consumption/J 2.0

Parameter	Values
Shortest route/m	0 ∼ 2.0
Minimum energy per/M	0 ∼ 2.2
Maximum energy consumption/J	2.0

In order to avoid too single experimental results, the traditional security monitoring method for network data based on feature transformation algorithm (Method of reference [17]) and security entity monitoring method for large-scale network data based on Hadoop (Method of reference [15]) are used as comparison methods to complete the performance verification together with Method of this paper.

The experimental indexes are as follows:

Classification accuracy of normal data and abnormal data. This index can judge the performance of different methods for normal data and abnormal data. The higher the classification accuracy is, the stronger the judgment performance of the method to the data type is. The calculation process of classification accuracy is as follows: $\begin{matrix} (15) & acc = \frac{sum (F F)}{sum (T T) + sum (T F)} \times 100 % \end{matrix}$ In formula (15), $acc$ represents the classification accuracy rate, $sum (T T)$ represents the correct number of sample classification, $sum (T F)$ represents the number of sample classification errors, and $sum (F F)$ represents the proportion of abnormal data.

Classification time. This index and index (1) complement each other and can verify the timeliness of different methods for normal data and abnormal data classification. The shorter the classification time is, the higher the timeliness of the method is.

Monitor energy consumption. In the era of energy economy, low energy consumption and high efficiency monitoring methods will be more concerned and cleaned up in relevant fields. Therefore, this study takes the monitoring energy consumption as the test index to compare the energy consumption of different methods in the security monitoring process of intranet data.

4.2. Experimental results

4.2.1. Test results of classification accuracy of normal data and abnormal data

The accuracy of normal data and abnormal data classification by different methods is tested, and the comparison results are shown in Fig. 3.

Fig. 3.

Comparison of classification accuracy of different methods.

Fig. 4.

Comparison of classification time cost between normal data and abnormal data.

In Fig. 3, the horizontal coordinate represents the amount of data, and the ordinate represents the classification accuracy. Analysis of Fig. 4 shows that with the increase of data volume, the classification accuracy of Method of reference [15] for normal data and abnormal data presents a rising trend, and the highest accuracy rate is slightly higher than 90%. The classification accuracy of Method of this paper and Method of reference [17] is relatively stable. However, the classification accuracy of Method of this paper is always higher than 90%, and its accuracy curve is always above the two comparison methods. Through comparison, it can be seen that the researched data security monitoring method based on the narrow-band Internet of things can more effectively and accurately judge the normal data and abnormal data in the intranet data.

On the basis of the above test, in the process of experimental comparison, network attacks are added at different IDS, and then the classification accuracy of normal data and abnormal data in the intranet is compared with three different methods in the case of attack in the intranet. First of all, the intranet attack situation is designed as shown in Table 2.

Table 2

Design of intranet attack

ID	Attack rate/times	Duration of the/s
1	5	20
2	10	32
3	15	31
4	30	30
5	100	30
6	500	20
7	3000	32

In the case of the above attacks, the classification accuracy of the three methods for normal data and abnormal data in the intranet at different IDS is counted, and the comparison results are shown in Table 3.

Table 3

Classification accuracy of different methods in the presence of attacks

ID	Method of this paper	Method of reference [17]	Method of reference [15]
1	95%	85%	70%
2	92%	74%	72%
3	96%	75%	74%
4	95%	76%	74%
5	94%	78%	76%
6	92%	80%	76%
7	93%	81%	79%

It can be seen from Table 3 that the Method of this paper is less affected by attacks, and its classification accuracy of normal data and abnormal data in the intranet is still above 90%. The results show that the data security monitoring method based on narrow-band Internet of things has strong resistance to network attacks, and can always maintain a high classification accuracy for normal data and abnormal data.

4.2.2. Comparison of classification time cost

The time consumption of different methods for normal data and abnormal data classification process is tested, and the comparison results are shown in Fig. 4.

In Fig. 4, the horizontal coordinate represents the amount of data, and the ordinate represents the time cost of different methods. By analyzing the above comparison Fig. 5, it can be seen that the time cost of Method of reference [15] and Method of this paper has an obvious trend of first decreasing and then increasing, while that of Method of reference [17] keeps on rising. However, the time cost curve of Method of this paper is always under the curve of the two comparison methods, and its maximum time cost is also below 4 s. Through comparison, the shorter the classification time of normal data and abnormal data is, the higher the timeliness of the method is.

4.2.3. Comparison of monitoring energy consumption

The energy consumption of different monitoring methods is tested, and the comparison results are shown in Fig. 5.

Fig. 5.

Comparison of energy consumption of different monitoring methods.

It can be seen from Fig. 5 that the monitoring energy consumption of Method of this paper is slightly higher than that of Method of reference [17] and Method of reference [15] when the amount of data is small. However, with the gradual increase of data volume, the monitoring energy consumption of Method of this paper increases slightly, while the energy consumption of the two comparison methods increases greatly, which makes the energy consumption of them gradually higher than that of Method of this paper. The energy consumption of the monitoring process of Method of this paper is always lower than 150 J.

The main reason for the above results lies in the utilization rate of Method of this paper. The narrow-band Internet of things technology makes full use of its advantages of low energy consumption and fast transmission speed, so that the Method of this paper can quickly and accurately divide the normal data and abnormal data in the intranet, reduce the time-consuming of data classification judgment and reduce the monitoring energy consumption, which is more practical.

To sum up, compared with the traditional methods, the security monitoring method for intranet data based on narrow-band Internet of things designed in this study has high classification accuracy and less classification time for the abnormal data in the intranet, and the classification detection accuracy of the data is still higher in the case of attacks on the intranet, and the energy consumption of data monitoring is lower than that of the traditional methods, which proves that the monitoring method has high effectiveness.

5. Conclusion

This paper designs a security monitoring method for intranet data based on narrow-band Internet of things. Through the establishment of network data acquisition and sensor node’s optimization configuration model, the intranet data can be collected quickly and accurately, and then the dynamic intranet data analysis index is designed. According to the index analysis results, the narrow-band Internet of things is used to establish a digital model to realize the low-energy security monitoring of the intranet data;

In this paper, a simulation experiment is designed to verify the effectiveness of the proposed method. The experimental results show that the accuracy of the proposed method for normal data and abnormal data classification is always higher than 90%, the classification time is less than 4 s, and the energy consumption of monitoring process is always less than 150 J, which shows that the method can effectively improve the accuracy and feasibility of data monitoring process;

In the next stage of research, we will further optimize the method in this paper. On the basis of monitoring mechanism, we will do a good job in the intranet data encryption mechanism, and further improve the security of intranet data.

Footnotes

Acknowledgements

This paper is the research result of the “13th Five-Year” social science project of Jilin Provincial Department of Education: “Research on ‘Chinese Experience’ of Innovation and Entrepreneurship Education – Based on case Studies of Higher vocational Colleges in six places” (JJKH20190989SK); and Jilin Province Vocational Education and Adult Education Teaching reform Research topic: The practice and Research of Innovation and Entrepreneurship Talent Training in Higher Vocational Colleges (2019ZCY416).

References

Bhattarai and

Wang, End-to-end trust and security for Internet of things applications, Computer51(04) (2018), 20–27. doi:10.1109/MC.2018.2141038.

Du,

Wang and

Chen, Big data privacy preserving in multi-access edge computing for heterogeneous Internet of things, IEEE Communications Magazine56(08) (2018), 62–67. doi:10.1109/MCOM.2018.1701148.

Guravaiah and

R.L.

Velusamy, Prototype of home monitoring device using Internet of things and river formation dynamics-based multi-hop routing protocol (rfdhm), IEEE Transactions on Consumer Electronics65(03) (2019), 329–338. doi:10.1109/TCE.2019.2920086.

Li,

Ota and

Dong, Learning iot in edge: Deep learning for the Internet of things with edge computing, IEEE Network32(01) (2018), 96–101. doi:10.1109/MNET.2018.1700202.

Li,

Zhang,

Lin,

Kong,

Katangur and

M.K.

Khan, Joint admission control and resource allocation in edge computing for Internet of things, IEEE Network32(01) (2018), 72–79. doi:10.1109/MNET.2018.1700163.

Liu,

K.K.R.

Choo and

Grossschadl, Securing edge devices in the post-quantum Internet of things using lattice-based cryptography, IEEE Communications Magazine56(02) (2018), 158–162. doi:10.1109/MCOM.2018.1700330.

Lorenzo,

Garcia-Rois,

Li,

Gonzalez-Castano and

Fang, A robust dynamic edge network architecture for the Internet-of-things, IEEE Network32(01) (2018), 8–15. doi:10.1109/MNET.2018.1700263.

X.F.

Lu and

F.F.

Cao, Simulation of wireless LAN information transmission security protection method, Computer Simulation35(05) (2018), 268–271.

F.Z.

Luo, Design of intelligent monitoring system for information security of university intranet based on Internet of things, Journal of Zhoukou Normal University35(05) (2018), 121–125.

10.

Lyu,

Tian,

Jiang,

Vinel,

Maharjan and

Gjessing, Selective offloading in mobile edge computing for the green Internet of things, IEEE Network32(01) (2018), 54–60. doi:10.1109/MNET.2018.1700101.

11.

Ma and

Liu, A progressive search paradigm for the Internet of things, IEEE MultiMedia25(01) (2018), 76–86. doi:10.1109/MMUL.2017.265091429.

12.

Y.H.

Mao and

X.J.

Cheng, Trace data monitoring simulation of lan malicious code intrusion process, Computer Simulation37(01) (2020), 263–266+ 271.

13.

Qian,

Shi,

Li,

Zhou,

Shu and

Wang, An edge-computing paradigm for Internet of things over power line communication networks, IEEE Network34(02) (2020), 262–269. doi:10.1109/MNET.001.1900282.

14.

Qian,

Wu,

Bao and

Lorenz, The Internet of things for smart cities: Technologies and applications, IEEE Network33(02) (2019), 4–5. doi:10.1109/MNET.2019.8675165.

15.

Qin,

G.W.

Shen and

H.X.

Yu, Large-scale network security entity recognition method based on Hadoop, CAAI Transactions on Intelligent Systems14(05) (2019), 1017–1025.

16.

Qin,

G.W.

Shen and

H.X.

Yu, Large-scale network security entity recognition method based on Hadoop, CAAI Transactions on Intelligent Systems14(05) (2019), 1017–1025.

17.

Xiao, Research on network data security check based on a novel feature transformation algorithm, Bulletin of Science and Technology35(05) (2019), 127–131.

18.

Zhang,

Leng,

He,

Maharjan and

Zhang, Mobile edge computing and networking for green and low-latency Internet of things, IEEE Communications Magazine56(05) (2018), 39–45. doi:10.1109/MCOM.2018.1700882.

19.

Zhengguo,

Daxin and

V.C.M.

Leung, Toward an energy and resource efficient Internet of things: A design principle combining computation, communications, and protocols, IEEE Communications Magazine56(07) (2018), 89–95. doi:10.1109/MCOM.2018.1700536.

20.

Zhou and

Saad, Minimum age of information in the Internet of things with non-uniform status packet sizes, IEEE Transactions on Wireless Communications19(03) (2020), 1933–1947. doi:10.1109/TWC.2019.2959777.

Research on internal network data security monitoring method based on NB-IoT

Abstract

Keywords

1. Introduction

2. Design of intranet data security monitoring

2.1. Intranet data acquisition

2.2.1. Analysis of data characteristics

2.2.2. Safety incident quantity index

2.3. Address entropy index

2.4. Data separating

3. Implementation of intranet data security monitoring based on narrow-band Internet of things

4.1. Experimental preparation

Table 1 Experimental parameters Parameter Values Shortest route/m 0 ∼ 2.0 Minimum energy per/M 0 ∼ 2.2 Maximum energy consumption/J 2.0

4.2.1. Test results of classification accuracy of normal data and abnormal data

4.2.3. Comparison of monitoring energy consumption

Footnotes

Acknowledgements

References

Table 1
Experimental parameters

Parameter Values

Shortest route/m 0 ∼ 2.0

Minimum energy per/M 0 ∼ 2.2

Maximum energy consumption/J 2.0